Overview

overview

3

Static

static

1

e25b1e62fc...8.html

windows7-x64

3

e25b1e62fc...8.html

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    15/09/2024, 11:15

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    e25b1e62fcf11d0c244b3f5a60729124_JaffaCakes118.html

  • Size

    36KB

  • MD5

    e25b1e62fcf11d0c244b3f5a60729124

  • SHA1

    bfdcd8ab41656a0c3c1948f197cf37a7ac8180eb

  • SHA256

    4ef2feb9d7411b374f4d5f12a8deaa1303e67b967e50a2d2c9112366e788aa00

  • SHA512

    4feab2a1f68dc3d71f678386df6505b0ae4c2d16e8944e908b17b553ab948f55f143ad19588203cd2046522668fc4df70a29abcc211acf7274b0dbbce4f8b8b1

  • SSDEEP

    768:zwx/MDTHh588hARCZPXjRE1XnXrFLxNLlDNoPqkPTHlnkM3Gr6TtZO46lrl6lLRf:Q/UkbJxNVuu0Sx/c8RK

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Modifies Internet Explorer settings 1 TTPs 36 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Program Files\Internet Explorer\iexplore.exe
    "C:\Program Files\Internet Explorer\iexplore.exe" C:\Users\Admin\AppData\Local\Temp\e25b1e62fcf11d0c244b3f5a60729124_JaffaCakes118.html
    1⤵
    • Modifies Internet Explorer settings
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2712
    • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
      "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2712 CREDAT:275457 /prefetch:2
      2⤵
      • System Location Discovery: System Language Discovery
      • Modifies Internet Explorer settings
      • Suspicious use of SetWindowsHookEx
      PID:1740

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\8B2B9A00839EED1DFDCCC3BFC2F5DF12
          Filesize

          1KB

          MD5

          7fb5fa1534dcf77f2125b2403b30a0ee

          SHA1

          365d96812a69ac0a4611ea4b70a3f306576cc3ea

          SHA256

          33a39e9ec2133230533a686ec43760026e014a3828c703707acbc150fe40fd6f

          SHA512

          a9279fd60505a1bfeef6fb07834cad0fd5be02fd405573fc1a5f59b991e9f88f5e81c32fe910f69bdc6585e71f02559895149eaf49c25b8ff955459fd60c0d2e

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\B46811C17859FFB409CF0E904A4AA8F8
          Filesize

          436B

          MD5

          971c514f84bba0785f80aa1c23edfd79

          SHA1

          732acea710a87530c6b08ecdf32a110d254a54c8

          SHA256

          f157ed17fcaf8837fa82f8b69973848c9b10a02636848f995698212a08f31895

          SHA512

          43dc1425d80e170c645a3e3bb56da8c3acd31bd637329e9e37094ac346ac85434df4edcdbefc05ae00aea33a80a88e2af695997a495611217fe6706075a63c58

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          d87b8fb1636ee8dc604d5eda9f599d59

          SHA1

          cd127239529d7986d3fb25c3ce77df3cbca4ca90

          SHA256

          90e415b687803b0cded9f8b924231b8c2578a1fee3145eb09dbeb1f0873ef795

          SHA512

          8e70d37cad2fd732ee2b251472c61b060a74f08234d9f0fccbb4161b6e8fbf88f339af0992c3cecb2bca51140899622b1805c1302896b4563cb8b92ad5f2431c

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          ffacca132e3d06529f72fecfd9a92130

          SHA1

          15aea16f7c8b41123765c55e8795ee5800498db5

          SHA256

          cf133025482b15b83b568e99bf6f6057200611610f942ac5aede5691614c8c36

          SHA512

          22ade4afb913bbd71b2c96ff8cc3a5c8f853e9824fd38966c5331fc90fbe39d4162ccd2650c2bc6570b99fa6868c5f4d892d12801fb93285dab84209a7756d9a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          0b08b72ca89ff03f6a8b56f6667fa1f8

          SHA1

          50a679132e0d6a72b0ab578d92ccfa9858fd68ac

          SHA256

          761a0f5b8338d22eba8f1a63a704ff5f9ba1921d3af1d0ea26c7c69297da4e4d

          SHA512

          3cf37dc0c45d07ad90bb4647d7a8997fafae58a42eac79fc1c62204d4b435fda9031e8727227fa232a81e8489c6369babf10ba6c911a51c951831bca64f2937a

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          2d1439e8900c57ec8c0587865a80fe00

          SHA1

          1566583f0cccdbe17ddfa8e79ab4492d5fb417fa

          SHA256

          a9975af7e700fa1983868512a233e0bda28b822ae86c82625ff05814071d9496

          SHA512

          3c20fb3dafdd272223746a883e9177e8867457e9aa2c96fabcd0faff623c378d7abd1656a3f5cb4efd410e7ed50d60313900a805c04e7aa628f7e31fdc96dde2

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          86842532bbd3c216a9dd7e4c207b0dc1

          SHA1

          9c0a70469473d4b3a3cb5470ad557aff9856d62d

          SHA256

          ee14400fbf63d5a8b9b094ef6e0b9ff77d8f5e18ef908b0d870dbdea6db13de2

          SHA512

          813ffc4d0e05a4ab48218ec8651730031d90404021d8fb00347c447fe7bf3c980cc2883239910ae6d8cb27b4f81659c3611bf40c255046c2c4acc86e74c37ff1

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          7a5901155a857674138967c4e00f45ce

          SHA1

          06a8f24e080358eab8f564e90fae0efd8a6a67fb

          SHA256

          3c915474583b2f918d3def91afbc019f7e27c7c642af939b337145fb94fba268

          SHA512

          8fa203284fe76b8de71b188105edc132e4c3edaf1c25ca27e9c60100e5251e2aab45a39b301629b9bc9e5d0c5262c627393486620a2edccb4aead8bead20efca

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          b188caf2d4e7314104f2463d77ac9fbc

          SHA1

          99d849b6aa5ce924e00279603c1c18df29d32497

          SHA256

          2b6e922009059f7f405ddb00123da1a51e21ac5e07427e205c3974165383eeff

          SHA512

          c80a5205af10164dee1f4097bad6164ba7f47cf56430f55cf5302b2f01c355b096d740a489275505e4ed6d07ee030ab876aafd64f48dddae1ccf36ed050e69c6

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          dd2baad068506350751a1bc3008dd00f

          SHA1

          64ae55842a8ef6006697b1aaa2f4615395a02f38

          SHA256

          af632f7ac95459032367de6255f68bcda8672929f615c9d0806d0fe3872d8d02

          SHA512

          ff7d826abba5057fb0b9eeb0798e3c2e434e466dbcaafcb59995b1f5d52d60cc99672473555f014b99bf0181991ad46ec81690264eec20cf87f4519601ffce86

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          5f4379879c8d10658b250cf652cbf3a8

          SHA1

          72749d027281dfb86df2068ad963293369384663

          SHA256

          fa2420664e698884ce860519132e87c0f2854d7a2f84995286923e4c13448bb7

          SHA512

          1e36da0d56a71508c1ddaff228b3511b04036009eb3eeea70ddc636d1937ad5f935a9d92986de5c98f03860fb41380617df98f8db6f7a073e5bd1cbdda7175bd

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          0354a4b643ec0c1994bcbf26bc34bb7a

          SHA1

          407edd7be160bedf093f8d6e7e36df2e1a8eec70

          SHA256

          c8fcaf5fc09abdff62790912c1b0bfb6e31871f2ad9595686c6467372a192999

          SHA512

          8350a0ba466c58797748d5567fb137fc8d0aeed6b141047f1f75a46411f6b5f3174c8dae45340e4fbb5d33fee677bad81cf5fbd16b76f036cd0070fcc5c5af5f

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          0e06ccdbf63388544b3d643496181a9d

          SHA1

          5aa9a4f344c37fef267e822906e9b80d8ae7c3f8

          SHA256

          fcfd8822ef9f05437f8c0472e0664c09ce2624dad80bd3738b60e499948c1a36

          SHA512

          a1e6449896b5b62c49ddf45d76a739210d845a13a44e0535a9b03d1cd49cf666efb3403d29a440d2b2c1da03754c20eb6d7bbb8a75783cd8cc6d3f038275cdff

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
          Filesize

          342B

          MD5

          6a7f703046dcef56f8dd96e74ba80159

          SHA1

          2eae69cc029d9bd3c7e6fd4f0bfe6a4673c125cd

          SHA256

          8567a12e3b668cd815f69050afab3fdf9320599f638c89155b9961c24bfe4f81

          SHA512

          2844217131ea3b5e257a6b71d3f1bca4760b5ebdcf5fff6a03877194215a3b6bc92fbe856772cb2e6b3ef4a79ffb6d515aef8f0aef81646ea501342c8d5b6bde

          Download Submit

        • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\B46811C17859FFB409CF0E904A4AA8F8
          Filesize

          170B

          MD5

          2c54e134f7b73fb7a2e0bac40da9ad42

          SHA1

          246e7b2a81b539ce83ebe44c728779ba1d29c22c

          SHA256

          b611fee4c01b07e8d508c2d207ca517f12f61a05cd9268870325e6a46678c618

          SHA512

          166960b2e6a7b917538b979a23943dfc24c241ab99776755a270e0904a7bda04f5a2688dd95368ae555f858409e3dc8f4beddd4babc4eb1fd9e657f1d23c8e84

          Download Submit

        • C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WCATT3E5\ae111d25cbb9b2d7293e8bdb2fcfe8b3[1].htm
          Filesize

          162B

          MD5

          4f8e702cc244ec5d4de32740c0ecbd97

          SHA1

          3adb1f02d5b6054de0046e367c1d687b6cdf7aff

          SHA256

          9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

          SHA512

          21047fea5269fee75a2a187aa09316519e35068cb2f2f76cfaf371e5224445e9d5c98497bd76fb9608d2b73e9dac1a3f5bfadfdc4623c479d53ecf93d81d3c9f

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Cab9FDA.tmp
          Filesize

          70KB

          MD5

          49aebf8cbd62d92ac215b2923fb1b9f5

          SHA1

          1723be06719828dda65ad804298d0431f6aff976

          SHA256

          b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

          SHA512

          bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

          Download Submit

        • C:\Users\Admin\AppData\Local\Temp\Tar9FEC.tmp
          Filesize

          181KB

          MD5

          4ea6026cf93ec6338144661bf1202cd1

          SHA1

          a1dec9044f750ad887935a01430bf49322fbdcb7

          SHA256

          8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

          SHA512

          6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

          Download Submit